Senior [Red Team] Security Consultant

Senior [Red Team] Security Consultant

Banglore

Posted Date :2024-03-01

---

Applicants for this position should demonstrate leadership and sound business judgment in anticipating client/project needs and developing alternative solutions.

 

Responsibilities:

1. Compromising the target’s security by extracting information, infiltrating its systems, or breaching its physical perimeters.
2. Evading detection by the blue team, often operating within narrow timeframes that challenge the blue team's ability to neutralize threats before damage occurs.
3. Exploiting bugs and weaknesses in the target’s infrastructure to identify gaps in technical security and enhance overall security posture.
4. Initiating hostile activities, including sophisticated penetration testing, to assess the blue team’s defensive capabilities reliably.

 

Skill Sets:

1. Conducting initial reconnaissance using open-source intelligence (OSINT) to gather information on the target.
2. Deploying command-and-control servers (C&C or C2) to establish communication with the target’s network.
3. Utilizing decoys to mislead the blue team.
4. Applying social engineering and phishing techniques to manipulate employees into compromising their machines or revealing sensitive information.
5. Performing physical and digital penetration testing.
6. Conducting network penetration testing and manipulating network infrastructure.
7. Scripting or automating tasks using Perl, Python, or Ruby.
8. Developing, extending, or modifying exploits, shellcode, or exploit tools.
9. Reverse engineering malware, data obfuscators, or ciphers.
10. Demonstrating a thorough understanding of network protocols, data on the wire, and covert channels.
11. Mastery of Unix/Linux/Mac/Windows operating systems, including bash and PowerShell.
12. Building security tools and automating Red Teaming workflows.
13. Utilizing Threat Modeling methodologies to identify threats and shape Red Team operations.
14. Understanding Mitre’s ATT&CK Framework.
15. Possessing certifications from SANS and Offensive Security is highly desirable.
16. Conducting Web Penetration Testing (OWASP and SANS).

 

Key Responsibilities for Cyber Security Consultants:

1. Proficiency with leading commercial and open-source automated reconnaissance and penetration testing tools and services.
2. Ability to perform targeted penetration tests without relying solely on automated tools.
3. Familiarity with networking fundamentals.
4. Understanding of application design principles.
5. Knowledge of web and mobile application exploitation methodologies.
6. Ability to independently research new vulnerabilities in software products.
7. Familiarity with the fundamentals of software exploitation on modern operating systems.

 

Qualifications:

1. Minimum 2 years of experience performing network, web, and mobile application penetration tests.
2. Offensive Security Certified Professional (OSCP) / Offensive Security Certified Expert (OSCE).
3. Certified Ethical Hacker (CEH).

Full Name*

Email*

Contact Number*

Location*

Experience*

Your LinkedIn Profile URL

Job Convenience*

Fulltime

Parttime

Freelance

On demand

Submit